专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

51. 发明授权

US09477836B1 Content modification in served code 有权
标题翻译：服务代码中的内容修改
公开(公告)号：US09477836B1
公开(公告)日：2016-10-25
申请号：US14259869
申请日：2014-04-23
申请人： Shape Security Inc.
发明人： Shishir Krovvidi Ramam , Shuman Ghosemajumder , Marc R. Hansen
IPC分类号： G06F21/00 , G06F21/56
CPC分类号： G06F21/6263 , G06F2221/031 , H04L63/0245 , H04L63/0281 , H04L63/0428 , H04W12/02
摘要： In some implementations, a computer system for obfuscating text in an electronic document can include an analysis module, a font data repository, a re-coding module, and a data interface. The analysis module is operable to identify strings of text from an electronic document. The font data repository can include one or more character maps that correlate, for each character map in the one or more character maps, a first set of characters with a respective different second set of characters. The re-coding module can generate a re-coded document by re-mapping, using a particular one of the one or more character maps, the identified strings of text into corresponding obfuscated strings of text, and by replacing the identified strings of text with the corresponding obfuscated strings of text from the electronic document. The data interface can transmit the re-coded document to a client computing device.
摘要翻译：在一些实现中，用于在电子文档中混淆文本的计算机系统可以包括分析模块，字体数据存储库，重新编码模块和数据接口。分析模块可操作以从电子文档中识别文本串。字体数据存储库可以包括一个或多个字符映射，其对于一个或多个字符映射中的每个字符映射关联具有相应不同的第二组字符的第一组字符。重新编码模块可以通过使用一个或多个字符映射中的特定的一个或多个字符映射将所识别的文本字符串重新映射到相应的混淆的文本串中，并且通过将所标识的文本串替换为来自电子文档的相应的混淆文本串。数据接口可以将重新编码的文档发送到客户端计算设备。

52. 发明授权

US09438625B1 Mitigating scripted attacks using dynamic polymorphism 有权
标题翻译：使用动态多态性减轻脚本攻击
公开(公告)号：US09438625B1
公开(公告)日：2016-09-06
申请号：US14481835
申请日：2014-09-09
申请人： SHAPE SECURITY, INC.
发明人： Siying Yang
IPC分类号： H04L29/06 , G06F21/54
CPC分类号： H04L63/1441 , G06F21/54 , H04L63/062 , H04L63/1491 , H04L63/168 , H04L2209/16
摘要： In an embodiment, a data processing system comprises one or more processors; script analysis logic coupled to the one or more processors and configured to obtain a particular electronic document from a server computer; script injection logic coupled to the one or more processors and configured to insert a set of script code into source code of the electronic document to result in producing a modified electronic document prior to providing the modified electronic document to a client computer; wherein the script code is configured to improve resistance of the client computer to attacks by running upon loading in the client computer and to cause transforming, when running in the client computer, one or more values of one or more elements of the source code of the electronic document into obfuscated values of the one or more elements. As a result, the system and method herein improve resistance of the client computer to attacks.
摘要翻译：在一个实施例中，数据处理系统包括一个或多个处理器; 脚本分析逻辑，其耦合到所述一个或多个处理器并且被配置为从服务器计算机获取特定电子文档; 脚本注入逻辑，其耦合到所述一个或多个处理器并且被配置为将一组脚本代码插入到所述电子文档的源代码中，以在将修改的电子文档提供给客户端计算机之前导致产生修改的电子文档; 其中所述脚本代码被配置为通过在所述客户端计算机中加载时运行来改善所述客户端计算机的攻击的阻力，并且当在所述客户端计算机中运行时，使所述脚本代码变为所述源代码的一个或多个元素的一个或多个值电子文档成为一个或多个元素的混淆值。结果，这里的系统和方法提高了客户端计算机的攻击阻力。

53. 发明授权

US09325734B1 Distributed polymorphic transformation of served content 有权
公开(公告)号：US09325734B1
公开(公告)日：2016-04-26
申请号：US14570632
申请日：2014-12-15
申请人： Shape Security, Inc.
发明人： Timothy Dylan Peacock , Justin D. Call , Siying Yang , Sumit Agarwal
IPC分类号： G06F7/04 , H04L29/06
CPC分类号： H04L63/145 , G06F17/2247 , G06F17/2264 , H04L63/1466 , H04L63/168
摘要： A computer-implemented method includes receiving, at a computer security server system located between the Internet and a client computing device that makes requests over the Internet, a request for content directed to a particular content server system; forwarding the received request, with the computer security server system, to the particular content server system; receiving code from the particular server system in response to the request; applying a security countermeasure to the received code to created transformed code; providing the transformed code to the client computing device; receiving a communication from the client computing device; and determining that software on the client computing device has attempted to interact with the received code rather than the transformed code.

54. 发明授权

US09270647B2 Client/server security by an intermediary rendering modified in-memory objects 有权
标题翻译：客户端/服务器的安全性由中间层渲染修改的内存中对象
公开(公告)号：US09270647B2
公开(公告)日：2016-02-23
申请号：US14099437
申请日：2013-12-06
申请人： Shape Security, Inc.
发明人： Justin Call
IPC分类号： H04L29/06 , G06F21/00 , G06F9/455 , G06F9/44 , G06F11/36
CPC分类号： H04L63/04 , G06F9/45529 , H04L29/06972 , H04L63/0281 , H04L63/1466 , H04L67/42
摘要： In an embodiment, a method comprises intercepting, from a server computer, a first set of instructions that define one or more objects and one or more operations that are based, at least in part, on the one or more objects; generating, in memory, one or more data structures that correspond to the one or more objects; performing the one or more operations on the one or more data structures; updating the one or more data structures, in response to performing the one or more operations, to produce one or more updated data structures; rendering a second set of instructions, which when executed by a remote client computer cause the remote client computer to generate the updated data structures in memory on the remote client computer, wherein the second set of instructions are different than the first set of instructions; sending the second set of instructions to the remote client computer.
摘要翻译：在一个实施例中，一种方法包括从服务器计算机拦截定义一个或多个对象的第一组指令和至少部分地基于所述一个或多个对象的一个或多个操作; 在存储器中产生对应于所述一个或多个对象的一个或多个数据结构; 对所述一个或多个数据结构执行所述一个或多个操作; 响应于执行所述一个或多个操作来更新所述一个或多个数据结构以产生一个或多个更新的数据结构; 呈现第二组指令，当由远程客户端计算机执行时，远程客户端计算机在远程客户端计算机上的存储器中生成更新的数据结构，其中第二组指令与第一组指令不同; 将第二组指令发送到远程客户端计算机。

55. 发明申请

US20150347756A1 AUTOMATIC LIBRARY DETECTION 有权
标题翻译：自动图书馆检测
公开(公告)号：US20150347756A1
公开(公告)日：2015-12-03
申请号：US14293895
申请日：2014-06-02
申请人： Shape Security, Inc.
发明人： Ariya Hidayat , Bei Zhang
IPC分类号： G06F21/57
CPC分类号： G06F21/563 , G06F21/566 , G06F21/57 , G06F2221/033 , H04L63/1441 , H04L67/42
摘要： The automated, real-time detection of specific blocks of code within a larger body of source code is described. Specific implementations relate to the detection of known code libraries in web page code to improve the efficiency of the generation of polymorphic transformations of the web page code for the purpose of impeding automated cyber-attacks.
摘要翻译：描述了在更大体积的源代码中的特定的代码块的自动化的实时检测。具体实现涉及检测网页代码中的已知代码库，以提高为阻止自动网络攻击的目的而产生网页代码的多态转换的效率。

56. 发明授权

US09158893B2 System for finding code in a data flow 有权
标题翻译：用于在数据流中查找代码的系统
公开(公告)号：US09158893B2
公开(公告)日：2015-10-13
申请号：US13527025
申请日：2012-06-19
申请人： Justin David Call , Oscar Hunter Steele, III
发明人： Justin David Call , Oscar Hunter Steele, III
IPC分类号： G06F11/00 , G06F21/00 , G06F21/55 , G06F21/56 , H04L29/06
CPC分类号： H04L63/1416 , G06F21/00 , G06F21/55 , G06F21/554 , G06F21/56 , G06F21/562 , H04L63/1425 , H04L67/02 , H04L67/42
摘要： A code finder system deployed as a software module, a web service or as part of a larger security system, identifies and processes well-formed code sequences. For a data flow that is expected to be free of executable or interpreted code, or free of one or more known styles of executable or interpreted code, the code finder system can protect participants in the communications network. Examples of payload carried by data flows that can be monitored include, but are not limited to, user input data provided as part of interacting with a web application, data files or entities, such as images or videos, and user input data provided as part of interacting with a desktop application.
摘要翻译：部署为软件模块，Web服务或作为更大安全系统的一部分的代码查找器系统识别和处理格式良好的代码序列。对于期望没有可执行或解释代码或没有一个或多个已知风格的可执行或解释代码的数据流，代码查找器系统可以保护通信网络中的参与者。可以被监视的数据流携带的有效负载的例子包括但不限于作为与web应用程序交互的一部分提供的用户输入数据，诸如图像或视频的数据文件或实体，以及作为部分提供的用户输入数据与桌面应用程序进行交互。

57. 发明申请

US20140283069A1 PROTECTING AGAINST THE INTRODUCTION OF ALIEN CONTENT 有权
标题翻译：保护对引进的内容
公开(公告)号：US20140283069A1
公开(公告)日：2014-09-18
申请号：US14055646
申请日：2013-10-16
申请人： Shape Security Inc.
发明人： Justin D. Call , Xiaohan Huang , Xiaoming Zhou , Subramanian Varadarajan , Marc R. Hansen
IPC分类号： H04L29/06
CPC分类号： H04L63/1416 , G06F21/128 , G06F21/14 , G06F21/51 , G06F21/54 , G06F21/563 , G06F21/566 , H04L63/0428 , H04L63/0471 , H04L63/123 , H04L63/1425 , H04L63/145 , H04L63/1483 , H04L67/42
摘要： In one implementation, a computer-implemented method can identify abnormal computer behavior. The method can receive, at a computer server subsystem and from a web server system, computer code to be served in response to a request from a computing client over the internet. The method can also modify the computer code to obscure operational design of the web server system that could be determined from the computer code, and supplement the computer code with instrumentation code that is programmed to execute on the computing client. The method may serve the modified and supplemented computer code to the computing client.
摘要翻译：在一个实现中，计算机实现的方法可以识别异常的计算机行为。该方法可以在计算机服务器子系统和web服务器系统处接收响应来自计算客户端通过互联网的请求来服务的计算机代码。该方法还可以修改计算机代码以掩盖可以从计算机代码确定的Web服务器系统的操作设计，并且使用被编程为在计算客户端上执行的测试代码补充计算机代码。该方法可以将修改和补充的计算机代码服务于计算客户机。

58. 发明申请

US20140282872A1 STATELESS WEB CONTENT ANTI-AUTOMATION 有权
标题翻译：无状态WEB内容防自动化
公开(公告)号：US20140282872A1
公开(公告)日：2014-09-18
申请号：US14055714
申请日：2013-10-16
申请人： Shape Security Inc.
发明人： Marc R. Hansen , Sumit Agarwal , Subramanian Varadarajan , Justin D. Call
IPC分类号： H04L29/06
CPC分类号： H04L63/145 , H04L63/0428 , H04L63/0471 , H04L63/102 , H04L63/123 , H04L63/1466 , H04L63/1483 , H04L63/168
摘要： A computer-implemented method for coordinating content transformation includes receiving, at a computer server subsystem and from a web server system, computer code to be served in response to a request from a computing client over the internet; modifying the computer code to obscure operation of the web server system that could be determined from the computer code; generating transformation information that is needed in order to reverse the modifications of the computer code to obscure the operation of the web server system; and serving to the computing client the modified code and the reverse transformation information.
摘要翻译：用于协调内容变换的计算机实现的方法包括在计算机服务器子系统和web服务器系统处接收响应于来自计算客户端的因特网的请求而被服务的计算机代码; 修改计算机代码以掩盖可以从计算机代码确定的web服务器系统的操作; 生成转换信息，以便反转计算机代码的修改以遮蔽web服务器系统的操作; 并向计算客户端提供修改的代码和反向转换信息。

59. 发明授权

US11329992B2 Security measures for extended sessions 有权
公开(公告)号：US11329992B2
公开(公告)日：2022-05-10
申请号：US16654513
申请日：2019-10-16
申请人： Shape Security, Inc.
发明人： Mengmeng Chen , Sumit Agarwal , Yao Zhou
IPC分类号： H04L67/146 , H04L67/01 , H04L29/06
摘要： Techniques are provided for security measures for extended sessions. Request data for a request is received from a client computing device to a web server system. The request comprises a session identifier (ID) for a session between an authenticated user and the web server system. It is determined, based on the request data, that the client computing device is a single-user device. It is determined, based on the request data, that the client computing device is not compromised. In response to determining that the client computing device is a single-user device and that the client computing device is not compromised, extension of the session between the authenticated user on the client computing device and the web server system is caused.

60. 发明授权

US11044261B2 Detecting compromised credentials in a credential stuffing attack 有权
公开(公告)号：US11044261B2
公开(公告)日：2021-06-22
申请号：US16024691
申请日：2018-06-29
申请人： SHAPE SECURITY, INC.
发明人： Daniel G Moen , Carl Schroeder
IPC分类号： H04L29/06 , H04L29/08 , G06N20/00
摘要： Techniques are provided for detecting compromised credentials in a credential stuffing attack. A set model is trained based on a first set of spilled credentials. The set model does not comprise any credential of the first set of spilled credentials. A first request is received from a client computer with a first candidate credential to login to a server computer. The first candidate credential is tested for membership in the first set of spilled credentials using the set model. In response to determining the first set of spilled credentials includes the first candidate credential using the set model, one or more negative actions is performed.

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式